Federal Government Scholarships and Career Opportunities in Information Security

MAJ Steven Turner, US Army Recruiting; Office: (305) 718-9450 Cell: (786) 853-4370
Email: steven.turner@usarec.army.mil 

*Updated Information Security handout available at: http://www.vimare.com/infosechandout.htm

IMPORTANT: The National Strategy to Secure Cyberspace was released on 18 Sept 2002.  PDF file available at http://www.whitehouse.gov/pcipb   

Test out: What does Eligible Receiver, Solar Sunrise, Moonlight Maze and Blue Cascades have to do with Information Systems Security?

Federal Government Information Security Scholarship Programs
Federal Government Scholarships (other than DoD)

Federal Cyber Service: Scholarship for Service (Cyber Corps):
http://www.opm.gov/hr/employ/products/recruitment/Scholarship/scholarshipmain.htm

Carnegie Mellon University
Georgia Institute of Technology
Iowa State University
Jackson State University
Mississippi State University
Naval Postgraduate School
Polytechnic University
Purdue University
University of Idaho
University of North Carolina at Charlotte
University of Tulsa

Cyber Corps funding has been boosted. The government's Scholarship for Service program is getting an infusion of new money, thanks to the supplemental funding bill signed by President Bush on 2 August 2002. The supplemental funding includes $19.3 million for the program, which offers scholarships to undergraduate and graduate students studying information assurance in exchange for two years of government service in the federal Cyber Corps. Read recent comments by Ira Hobbs, CIO of the Agriculture Department about the Cyber Corps.  http://www.cis.utulsa.edu/InTheNews/OfthepeopleCyberCorpsistrainingourfuturesecurityleaders.asp  The National Strategy To Secure Cyberspace is expected to contain provisions to establish a State Cyber Corps program as well.


Department of Defense (DoD)  

Why Department of Defense? The nature of war is changing. More and more the Department of Defense (DOD) is employing computers, networks, global telecommunication systems, and satellites to support it in performing its diverse national security missions. Today, the DOD has more than 2 million diart technology image computers, 10,000 local area networks, and 100 long-distance networks. This technology helps to identify and track enemy targets, pay soldiers, and manage supplies. The technology also acts as a critical force multiplier by helping to ensure that appropriate military resources are used exactly when and where required.

*Defense Information Infrastructure (DII) is one of the most complex information infrastructures in the world. 
*DoD computer systems are heavily attacked by everyone from "recreational hackers" to nation-state intelligence services. Code Red Worm is suspected to be the work of a nation-state.  
*Massive PKI implementation, more than 1,000,000 certificates issued

DoD Information Assurance Scholarship Program (Main website):
http://www.c3i.osd.mil/iasp/studentsMain.htm

Application:
http://www.c3i.osd.mil/iasp/docs/Scholarship_and_Vacancy_Announcement.pdf

*DOD and non-DOD students are eligible to apply, and scholarships will be awarded for undergraduate and graduate degrees. 
*The program is similar to the civilian "Cyber Corps" program but is specific to DoD. 
*Scholarships will be awarded to individuals studying information assurance in exchange for a two-year commitment to work for the department. 
*Students need to be enrolled or accepted for enrollment at one of the 32 Centers of Excellence for Information Assurance Education Universities as designated by the National Security Agency.
*Full-ride scholarships with annual stipend plus civilian pay as civilian student scholar interns
*Junior, Senior and Graduate students accepted at or enrolled in one of the 32 non-DoD institutions designated as CAEs are eligible to apply for full scholarships to complete undergraduate, master’s and doctoral degrees in an information assurance discipline.

Students selected for the program will receive scholarships (including tuition, books, fees and a stipend) and immediate appointments under the Student Career Experience Program as federal civilian Information Assurance Scholars (part-time interns) in a variety of defense agencies and locations nation-wide. During breaks in their academic studies, Information Assurance Scholars will receive progressive, hands-on experience in information security internships. In return, scholars must agree to some restrictions and obligations regarding curriculum, GPA and post-program employment. If all conditions are met, Information Assurance Scholars will receive full-time permanent positions with the Department of Defense on program completion. 

Centers of Academic Excellence in Information Assurance Education (CAEs)
32 Universities that offer the DoD Information Assurance Scholarship Program:
http://www.c3i.osd.mil/iasp/studentsCAEList.htm

 

Information of Interest to Information Security Educators

National Colloquium for Information Systems Security Education 
Leading voice in collegiate Information Security Education. Closely allied with NSA's Center of Academic Excellence (CAE) institutions. http://www.ncisse.org/

National INFOSEC Education and Training Program
Valuable information for educators in establishing information security programs at your university as well as curriculum ideas. Universities can compete for funding or partner with existing institutions such as the National Defense University Information Resource Management College in Washington DC. http://www.nsa.gov/isso/programs/nietp/index.htm

 

US Army Information Security Operations

Joint Information Operations Center (JIOC) at Lackland AFB in San Antonio, Texas. The JIOC maintains specialized expertise in IO systems engineering, operational applications, capabilities and vulnerabilities. The JIOC enables Joint Force Commanders to plan and execute IO, both offensive and defensive involving the integrated use of Operational Security (OPSEC), Psychological Operations (PSYOP), military deception, Electronic Warfare (EW), physical destruction, and computer network attack (CNA)/computer network defense (CND) throughout the planning and execution phases of operations. http://www.spacecom.mil/jioc.htm

DoD Joint Task Force-Computer Network Operations (JTF-CNO)
Computer Network Defense/Computer Network Attack (CND/CNA) - Computer Network Defense includes protecting and defending information, computers, and networks from disruption, denial, degradation, or destruction. Computer Network Attack includes developing the capabilities to disrupt, deny, degrade or destroy information resident in computers, computer networks or, computers and networks themselves. http://www.spacecom.mil/jtf-cno.htm 

*Comprised of 5 components from Army, Navy, Air Force, Marines and the Defense Information Systems Agency. 

*Manages US Government defensive and offensive information security operations 
*Created in response to the Feb 1998 "Solar Sunrise" incident. 
*Air Force Lieutenant Colonel Gregory Rattray, author of "Strategic Warfare in Cyberspace" has been tasked to determine the legal, social and ethical ramifications in offensive cyber warfare operations.

Link to excellent cyber warfare article in Military Review, a US Army professional journal. 
http://www-cgsc.army.mil/milrev/english/NovDec01/anderson.asp

Army Land Information Warfare Activity (LIWA)
*Army component to JTF-CNO
*Information Dominance Center (IDC) is well known for intelligence and information operations and is on the leading edge using data visualization, data mining and data fusion technologies. Praised by Congressman, Curt Weldon, R-PA for providing intelligence on negotiating opponent in Kosovo. CIA was unable to provide hardly any information, The US Army provided detailed dossier. 

Army Computer Emergency Response Team (ACERT) Red and Blue teams deploy for penetration testing, incident response, vulnerability and damage assessments. 
https://www.acert.belvoir.army.mil/ACERTmain.htm  

diart_image4.jpg

DoD Cert (similar to CERT-CC www.cert.org at Carnegie Mellon University) Responsible for incident response throughout the entire Department of Defense.
http://www.cert.mil

US Army Reserve Support to Army Information Operations
http://www.usarc.army.mil/news/IOPromo.htm

US Army & US Army Reserve Information Operations include not only Automated Information Systems but also Civil Affairs, Psychological Operations, Public Affairs, Military Intelligence, and Signal operations. Functions include all forms of operational security, electronic warfare, and computer network defense and computer network attack. Reserve forces are increasingly being used to provide information technology expertise to the following  federal agencies:

Army Land Information Warfare Activity (LIWA)
Office of the Army Chief Information Officer/G-6 
Army Space Command
Army Research Laboratory
Army Communications – Electronics Command
National Ground Intelligence Center
National Security Agency
Defense Information Systems Agency
Defense Intelligence Agency
U.S. Space Command

Uniformed or Civilian Military Service?

US Army Uniformed Career Opportunities
http://www.goarmy.com

Enlisted (start at $22,000 -$50,000)
Enlisted information security and systems personnel are the backbone of Army information system operations and are in charge of implementing, training and managing information security systems. 

Officer (start at $36,000 to $100,000+) Manage personnel, make policy and allocate resources.

How to become a US Army Officer: 

1) Officer Candidate School (OCS) - 14 weeks at Fort Benning, GA, then 3-6 month Officer Basic Course (OBC) for officer specialization training. 
2) Reserve Officer Training Corps (ROTC) - One 3 credit class/semester for 2 years then OBC
3) Direct Commission - 
Active Duty: Medical, Legal only 
Army Reserve: For placement into local reserve unit

Army College First Program. The US Army will pay eligible college students $250-$350 month for up to two years while students continue full-time college studies. After two years students either can go on active duty or enroll in ROTC at a sponsoring school such as FIU or FAU.

US Army Civilian Opportunities
www.cpol.army.mil

US Army Office of the Chief Information Officer (CIO/G-6)
Posting of civilian career opportunities in Information Security and Intelligence
http://www.army.mil/ciog6/

Department of Defense CIO http://www.c3i.osd.mil  Has good listing of links to online Military Information Security Publications.

Civilian Contractors to the Department of Defense
Many Information Technology workers working for the DoD are civilian workers. Some are career employees, others work for civilian contractors such as: http://www.mantech.com     http://www.acsdefense.com     http://northropgrummanit.com

 US Army Signal and Military Intelligence

US Army Signal Command (Data and voice information and communication systems)
http://www.asc.army.mil/

US Army Intelligence and Security Command
http://www.inscom.army.mil/

US Army Deputy Chief of Staff for Intelligence
http://www.dami.army.pentagon.mil/

 

Information Assurance Certifications 

Certified Information Systems Security Professional (CISSP) http://www.isc2.org/
Requirements: Three years experience as a professional in the Information Security field and successfully pass 6 hour, 250 question proctored examination. Widely recognized as the Cadillac of Information Security certifications. Certcities ranks it in the ten hottest certifications for 2002. http://certcities.com/editorial/features/story.asp?EditorialsID=37 

SANS Institute Global Information Assurance Certification (GIAC) http://www.giac.org/ 
Professional certifications in GIAC Certified Firewall Analyst; GIAC Certified Intrusion Analyst; GIAC Certified Incident Handler; GIAC Certified Windows Security Administrator; and GIAC Certified UNIX Security Administrator. Candidates that have all 5 of these certifications will be able to sit the GIAC Security Engineer (GSE) certification in 2003. SANS The Twenty Most Critical Internet Security Vulnerabilities: http://www.sans.org/top20.htm

Information Systems Security Professional - (INFOSEC) NSTISSI 4011 http://www.ndu.edu/irmc/nstissi.html 
Federal Government information security certification. Can be acquired by completing programs of instruction at CAE universities or by graduating from the CIO Certificate program at the National Defense University Information Management Resources College. The NSTISSI series certifications will be earned by Cyber Corps scholarship recipients. University of Tulsa has posted an excellent explanation of the NSTISSI Information Security certification  http://www.cis.utulsa.edu/InformationSecurityCertificateProgram/

 

South Florida Information Security groups/activities

FBI Infragard - South Florida Chapter http://www.infragard.net
Have student membership category. Any questions or interest in becoming active with InfraGard please contact SSA Levord Burns at 305-787-6318 Miami FBI NIPC Supervisor. Email: infragard-mm@fbi.gov

Information Systems Security Association (ISSA) South Florida Chapter http://www.issa.org/south_florida/
Monthly, educational information security events sponsored by local info sec vendors. 

Honeynet Project-South Florida http://www.sfhn.net/ 
Sponsors of the Scan of the Month Challenge for student Info Sec analysts http://www.honeynet.org/scans/scan23/

Association of Former Intelligence Officers (AFIO) Miami Chapter http://www.geocities.com/AFIOMDC
Students welcome! Discuss broad range of Intelligence issues in monthly meetings. Members are sent a highly informative e-newsletter with commentary on comtemporary and historical intelligence issues.

Secret Service - Miami Electronic Crimes Task Force (MECTF)  http://www.ectaskforce.org/Regional_Locations.htm Outreach to business, academia and government agencies to educate on cyber safety and security.  Contact: ATSAIC Alex Echo Office: 305-629-1800 Email: aecho@usss.treas.gov

And finally, lest we take all this too seriously, The Crypt Newsletter: http://sun.soci.niu.edu/~crypt/  and Vmyths.com, the Truth about Computer Security Hysteria: http://vmyths.com/index.cfm